Privacy Policy
Last update:
Sunday, October 26, 2025
When you use our services, we may collect basic information like your name, email address, and usage data to help us improve your experience. We never sell your data to third parties. Any third-party tools we use are carefully selected to ensure your data remains secure.
Privacy Policy — WAV-waysta (Pty) Ltd (Effective Date: October 26, 2025)
Introduction
WAV-waysta (Pty) Ltd (“WAV-waysta”, “we”, “our”, “us”) is a registered South African private company (Reg. No. 2025/800428/07) offering AI-powered chatbots, automation, and website solutions.
Committed to privacy and protection of personal information per POPIA and other relevant laws.
This policy describes how we collect, use, store, and protect your information.
Information We Collect
Minimal information needed for service delivery:
Name and surname
Business/company name
Email address
Contact number
Provided voluntarily by clients requesting quotes, inquiries, or services.
What We Do Not Collect
No end-user/customer data unless agreed to in writing.
No payment card details.
No sensitive personal data (ID numbers, biometric data, addresses) unless required by contract.
How We Use Your Information
To respond to inquiries and provide quotations.
Communicate through project delivery.
Send project updates or administrative notices.
No selling, renting, or trading personal information.
Data Storage and Retention
Data securely stored by trusted third-party vendors.
Data retained as needed for provision of service, or until deletion requested.
No storage of chat logs, automation data, or client content by default.
Payments
No direct payment processing on the website.
Payment details exchanged securely through verified client channels.
Data Sharing
No client information shared unless:
Required by law, court, or regulator.
With verified vendors (hosting, email, automation)—only as required with confidentiality.
Security Measures
Secure, HTTPS-encrypted communication.
Reputable hosting and email providers.
Access limited to authorized personnel.
No enterprise-grade encryption or ISO/SOC certifications yet; additional protection possible by written agreement.
Your Rights Under POPIA
Right to access your data, request correction/deletion, withdraw consent, or opt-out from AI training (default: no training).
Requests via info@wav-waysta.net
Respond within a reasonable legal timeframe.
Children’s Privacy
Services targeted to businesses and clients over 18; no data collection from minors.
International Data Transfers
Some data processed/stored by international vendors (OpenAI, Google Cloud, hosting platforms).
Vendors required to maintain privacy safeguards consistent with POPIA and global standards.
Changes to This Policy
Updates published online with revised “Effective Date”.
Contact Us
Questions or privacy requests to:
WAV-waysta (Pty) Ltd
Reg. No: 2025/800428/07
Email: info@wav-waysta.net
Founder: Neo Sibonga-konke Siwela
Jurisdiction: Republic of South Africa
Appendix: WAV Security Roadmap
Current Security Practices
Minimal data (client contact only)
No payment data storage
Secure hosting providers
HTTPS everywhere
Default exclusion from AI model training
Short-Term Goals (0–6 Months)
Enforce Multi-Factor Authentication (MFA)
Encrypt client data backups
Data Processing Agreements (DPAs) with main vendors
Launch secure online quote forms with HTTPS
Medium-Term Goals (6–18 Months)
Role-Based Access Control (RBAC)
Centralized logging and intrusion alerts
Annual penetration tests
Automated data deletion after 12 months
Long-Term Goals (18–36 Months)
SOC 2 readiness or ISO 27001
Secure client portal for files/contracts
South Africa-based hosting for enterprise clients
Client Transparency Commitment
Prompt notification in case of breach
Up-to-date security roadmap available on request
Custom security/NDA on a per-project basis